@deepstrike/core 0.1.1 → 0.1.4

package/Cargo.toml

@@ -20,5 +20,3 @@ serde_json = { workspace = true }
 [build-dependencies]
 napi-build = "2"
 
-[profile.release]
-lto = true

package/index.d.ts

@@ -0,0 +1,337 @@
+/* tslint:disable */
+/* eslint-disable */
+
+/* auto-generated by NAPI-RS */
+
+export interface ContentPartObj {
+  /** `"text"` | `"image"` | `"audio"` | `"tool_result"` */
+  type: string
+  text?: string
+  url?: string
+  data?: string
+  mediaType?: string
+  detail?: string
+  callId?: string
+  output?: string
+  isError?: boolean
+}
+export interface Message {
+  role: string
+  /**
+   * Plain-text content. When `content_parts` is present, this holds only the
+   * concatenated text segments for backward compatibility.
+   */
+  content: string
+  /** Structured multimodal content parts. When present, takes precedence over `content`. */
+  contentParts?: Array<ContentPartObj>
+  tokenCount?: number
+  toolCalls: Array<ToolCall>
+}
+export interface ToolCall {
+  id: string
+  name: string
+  /** JSON-encoded arguments. JS: `JSON.stringify(args)`. */
+  arguments: string
+}
+export interface ToolResult {
+  callId: string
+  output: string
+  isError: boolean
+  tokenCount?: number
+}
+export interface ToolSchema {
+  name: string
+  description: string
+  /** JSON-encoded JSON Schema. JS: `JSON.stringify(schema)`. */
+  parameters: string
+}
+export interface RuntimeTask {
+  goal: string
+  criteria?: Array<string>
+}
+export interface LoopPolicy {
+  maxTokens: number
+  maxTurns?: number
+  maxTotalTokens?: bigint
+  timeoutMs?: bigint
+}
+export interface LoopResult {
+  termination: string
+  finalMessage?: Message
+  turnsUsed: number
+  totalTokensUsed: bigint
+}
+/** Unified RuntimeSignal exposed to Node.js — mirrors the kernel type. */
+export interface RuntimeSignal {
+  id: string
+  /** "cron" | "gateway" | "heartbeat" | "custom" */
+  source: string
+  /** "event" | "job" | "alert" */
+  signalType: string
+  /** "low" | "normal" | "high" | "critical" */
+  urgency: string
+  summary: string
+  /** JSON-encoded payload. */
+  payload: string
+  dedupeKey?: string
+  timestampMs: number
+}
+export interface SkillMetadata {
+  name: string
+  description: string
+  whenToUse?: string
+  allowedTools?: Array<string>
+  effort?: number
+  estimatedTokens: number
+}
+/**
+ * Discriminated union. Inspect `kind`:
+ * - `"call_llm"`      → `messages`, `tools` (includes `skill` meta-tool when skills are registered)
+ * - `"execute_tools"` → `calls`
+ * - `"done"`          → `result`
+ */
+export interface LoopAction {
+  kind: string
+  messages?: Array<Message>
+  tools?: Array<ToolSchema>
+  calls?: Array<ToolCall>
+  result?: LoopResult
+}
+/**
+ * Discriminated union for observations:
+ * - `"compressed"` → `action`, `rho_after`
+ */
+export interface LoopObservation {
+  kind: string
+  action?: string
+  rhoAfter?: number
+}
+/** JS-friendly governance verdict returned by `Governance.evaluate`. */
+export interface GovernanceVerdictObj {
+  /** `"allow"` | `"deny"` | `"rate_limited"` | `"ask_user"` */
+  kind: string
+  reason?: string
+  /** Milliseconds until the tool may be retried. Only set when `kind === "rate_limited"`. */
+  retryAfterMs?: number
+}
+/** A single session of agent messages, used as input to `IdlePipeline.feedTrigger`. */
+export interface SessionData {
+  sessionId: string
+  agentId: string
+  /** Messages from this session. */
+  messages: Array<Message>
+  /** JSON-encoded metadata blob. */
+  metadata: string
+  /** Unix ms timestamp. */
+  createdAtMs: number
+  /** Unix ms timestamp. */
+  updatedAtMs: number
+}
+/** A long-term memory entry as stored by the agent. */
+export interface MemoryEntry {
+  text: string
+  score: number
+  /** JSON-encoded metadata blob. */
+  metadata: string
+}
+export interface CurationStats {
+  insightsProcessed: number
+  duplicatesRemoved: number
+  conflictsResolved: number
+  entriesAdded: number
+}
+/** The delta the `DreamStore.commit` must apply: add `toAdd`, remove `toRemoveIndices`. */
+export interface CurationResult {
+  toAdd: Array<MemoryEntry>
+  /** Indices into the `existingMemories` slice passed to `feedTrigger`. */
+  toRemoveIndices: Array<number>
+  stats: CurationStats
+}
+export interface IdleRunResult {
+  sessionsProcessed: number
+  insightsExtracted: number
+}
+/**
+ * Discriminated union returned by `IdlePipeline` methods. Inspect `kind`:
+ * - `"synthesize_insights"` → `messages` (SDK must call LLM, then `feedSynthesisResult`)
+ * - `"commit_memories"`     → `agentId`, `curationResult`, `runResult`
+ * - `"noop"` | `"aborted"`
+ */
+export interface IdlePipelineAction {
+  kind: string
+  messages?: Array<Message>
+  agentId?: string
+  curationResult?: CurationResult
+  runResult?: IdleRunResult
+}
+export interface Criterion {
+  text: string
+  required: boolean
+  weight?: number
+}
+export interface CriterionResult {
+  criterion: string
+  passed: boolean
+  score: number
+  feedback: string
+}
+export interface EvalPipelineOptions {
+  extractSkillOnPass?: boolean
+}
+export interface SkillCandidate {
+  name: string
+  description: string
+  whenToUse?: string
+  content: string
+}
+/**
+ * Discriminated union returned by `EvalPipeline` methods. Inspect `kind`:
+ * - `"evaluate"` → `messages` (SDK must call evaluator LLM, then `feedEvalResult`)
+ * - `"done"`     → `passed`, `overallScore`, `feedback`, `details`, optional `skillCandidate`
+ */
+export interface EvalPipelineAction {
+  kind: string
+  messages?: Array<Message>
+  passed?: boolean
+  overallScore?: number
+  feedback?: string
+  details?: Array<CriterionResult>
+  skillCandidate?: SkillCandidate
+}
+export declare class ContextEngine {
+  constructor(maxTokens: number)
+  addSystemMessage(content: string, tokens: number): void
+  addUserMessage(content: string, tokens: number): void
+  addAssistantMessage(content: string, tokens: number): void
+  pressure(): number
+  totalTokens(): number
+  /**
+   * Run compression at the level the current pressure recommends.
+   * Returns tokens saved.
+   */
+  compress(): number
+  render(): Array<Message>
+  /**
+   * Replace the available-skills set with frontmatter-only metadata.
+   * The kernel will auto-inject the `skill` meta-tool into every `CallLLM` action.
+   */
+  setAvailableSkills(skills: Array<SkillMetadata>): void
+}
+export declare class LoopStateMachine {
+  constructor(policy: LoopPolicy)
+  /**
+   * Convenience: register skills directly on the state machine without
+   * reaching into the inner ContextEngine.
+   */
+  setAvailableSkills(skills: Array<SkillMetadata>): void
+  /**
+   * Enable the `memory` meta-tool. Call with `true` when a DreamStore and agentId
+   * are configured — the SDK layer intercepts `memory` tool calls and runs the search.
+   */
+  setMemoryEnabled(enabled: boolean): void
+  /**
+   * Enable the `knowledge` meta-tool. Call with `true` when a KnowledgeSource
+   * is configured — the SDK layer intercepts `knowledge` tool calls and runs retrieval.
+   */
+  setKnowledgeEnabled(enabled: boolean): void
+  /**
+   * Prepend a system-level instruction to the context. Must be called before `start`.
+   * `tokens` is a caller-supplied estimate (use `content.length / 4` if unsure).
+   * The renderer skips messages with `tokens == 0`, so always pass at least 1.
+   */
+  addSystemMessage(content: string, tokens: number): void
+  /**
+   * Pre-populate the memory partition with a long-term memory snippet.
+   * Must be called before `start`. Use for seeding known context from past sessions.
+   * `tokens` is a caller-supplied estimate; pass at least 1.
+   */
+  addMemoryMessage(content: string, tokens: number): void
+  setTools(tools: Array<ToolSchema>): void
+  start(task: RuntimeTask): LoopAction
+  feedLlmResponse(message: Message): LoopAction
+  feedToolResults(results: Array<ToolResult>): LoopAction
+  feedTimeout(): LoopAction
+  isTerminal(): boolean
+  turn(): number
+  pressure(): number
+  /** Drain observations emitted during the most recent feed call. */
+  takeObservations(): Array<LoopObservation>
+  render(): Array<Message>
+}
+export declare class SignalRouter {
+  constructor(maxQueueSize: number)
+  /**
+   * Ingest a signal. Returns the disposition string:
+   * "ignore" | "observe" | "queue" | "run" | "interrupt" | "interrupt_now" | "dropped"
+   */
+  ingest(signal: RuntimeSignal, isRunning: boolean): string
+  /** Pull the next queued signal (highest priority first). */
+  next(): RuntimeSignal | null
+  depth(): number
+  clearDedup(): void
+}
+export declare class Governance {
+  /**
+   * Create a governance pipeline.
+   * `defaultAction` controls the fallback when no rule matches: `"allow"` (default) or `"deny"`.
+   */
+  constructor(defaultAction?: string | undefined | null)
+  /** Set the agent identity used in governance audit logs. */
+  setIdentity(agentId: string, sessionId: string): void
+  /**
+   * Add a permission rule. `pattern` supports globs: `"db.*"`, `"*.delete"`, `"*"`, or exact names.
+   * `action`: `"allow"` | `"deny"` | `"ask_user"`.
+   * Rules are evaluated in insertion order; first match wins.
+   */
+  addPermissionRule(pattern: string, action: string): void
+  /** Hard-block a tool name (veto stage — cannot be overridden by permission rules). */
+  blockTool(name: string): void
+  /** Advance the internal clock used by rate limiting and audit. */
+  setTime(nowMs: bigint): void
+  /**
+   * Evaluate a tool call through the full pipeline (Permission → Veto → RateLimit → Constraint → Audit).
+   * `argsJson`: JSON-encoded tool arguments string.
+   */
+  evaluate(toolName: string, argsJson: string): GovernanceVerdictObj
+}
+/**
+ * Kernel state machine for the evaluation cycle.
+ *
+ * Drive it like this:
+ * 1. `feedOutcome(goal, criteria, result, attempt)` → `"evaluate"` action
+ * 2. Call evaluator LLM with `action.messages`, collect the text response
+ * 3. `feedEvalResult(text)` → `"done"` action
+ * 4. Read `action.passed` / `action.feedback` / `action.skillCandidate`
+ * 5. Call `reset()` before the next attempt
+ */
+export declare class EvalPipeline {
+  constructor(options?: EvalPipelineOptions | undefined | null)
+  /**
+   * Phase 1 — provide the goal, criteria, agent output, and attempt number.
+   * Returns an `"evaluate"` action with messages to send to the evaluator LLM.
+   */
+  feedOutcome(goal: string, criteria: Array<Criterion>, result: string, attempt: number): EvalPipelineAction
+  /** Phase 2 — feed back the evaluator LLM's text response. */
+  feedEvalResult(content: string): EvalPipelineAction
+  reset(): void
+  isIdle(): boolean
+}
+/**
+ * Kernel state machine for the idle dreaming cycle.
+ *
+ * Drive it like this:
+ * 1. `feedTrigger(sessions, existingMemories, nowMs)` → `"synthesize_insights"` action
+ * 2. Call LLM with `action.messages`, collect the text response
+ * 3. `feedSynthesisResult(text)` → `"commit_memories"` action
+ * 4. Apply `action.curationResult` via `DreamStore.commit`, then call `reset()`
+ */
+export declare class IdlePipeline {
+  constructor(agentId: string)
+  /** Phase 1 — provide sessions + current memory snapshot; kernel builds the LLM prompt. */
+  feedTrigger(sessions: Array<SessionData>, existingMemories: Array<MemoryEntry>, nowMs: number): IdlePipelineAction
+  /** Phase 2 — feed back the LLM's synthesis text; kernel parses and curates. */
+  feedSynthesisResult(content: string): IdlePipelineAction
+  isIdle(): boolean
+  /** Reset to `Idle` after handling `CommitMemories` to allow the next cycle. */
+  reset(): void
+}

package/index.js

@@ -1,5 +1,8 @@
-/* auto-generated by napi-rs */
-'use strict'
+/* tslint:disable */
+/* eslint-disable */
+/* prettier-ignore */
+
+/* auto-generated by NAPI-RS */
 
 const { existsSync, readFileSync } = require('fs')
 const { join } = require('path')
@@ -11,55 +14,286 @@ let localFileExisted = false
 let loadError = null
 
 function isMusl() {
-  if (!existsSync('/usr/bin/ldd')) return true
-  return readFileSync('/usr/bin/ldd', 'utf8').includes('musl')
+  // For Node 10
+  if (!process.report || typeof process.report.getReport !== 'function') {
+    try {
+      const lddPath = require('child_process').execSync('which ldd').toString().trim()
+      return readFileSync(lddPath, 'utf8').includes('musl')
+    } catch (e) {
+      return true
+    }
+  } else {
+    const { glibcVersionRuntime } = process.report.getReport().header
+    return !glibcVersionRuntime
+  }
 }
 
 switch (platform) {
   case 'android':
     switch (arch) {
-      case 'arm64': nativeBinding = require('@deepstrike/core-android-arm64'); break
-      case 'arm': nativeBinding = require('@deepstrike/core-android-arm-eabi'); break
-      default: throw new Error(`Unsupported architecture on Android: ${arch}`)
+      case 'arm64':
+        localFileExisted = existsSync(join(__dirname, 'index.android-arm64.node'))
+        try {
+          if (localFileExisted) {
+            nativeBinding = require('./index.android-arm64.node')
+          } else {
+            nativeBinding = require('@deepstrike/core-android-arm64')
+          }
+        } catch (e) {
+          loadError = e
+        }
+        break
+      case 'arm':
+        localFileExisted = existsSync(join(__dirname, 'index.android-arm-eabi.node'))
+        try {
+          if (localFileExisted) {
+            nativeBinding = require('./index.android-arm-eabi.node')
+          } else {
+            nativeBinding = require('@deepstrike/core-android-arm-eabi')
+          }
+        } catch (e) {
+          loadError = e
+        }
+        break
+      default:
+        throw new Error(`Unsupported architecture on Android ${arch}`)
     }
     break
   case 'win32':
     switch (arch) {
-      case 'x64': nativeBinding = require('@deepstrike/core-win32-x64-msvc'); break
-      case 'ia32': nativeBinding = require('@deepstrike/core-win32-ia32-msvc'); break
-      case 'arm64': nativeBinding = require('@deepstrike/core-win32-arm64-msvc'); break
-      default: throw new Error(`Unsupported architecture on Windows: ${arch}`)
+      case 'x64':
+        localFileExisted = existsSync(
+          join(__dirname, 'index.win32-x64-msvc.node')
+        )
+        try {
+          if (localFileExisted) {
+            nativeBinding = require('./index.win32-x64-msvc.node')
+          } else {
+            nativeBinding = require('@deepstrike/core-win32-x64-msvc')
+          }
+        } catch (e) {
+          loadError = e
+        }
+        break
+      case 'ia32':
+        localFileExisted = existsSync(
+          join(__dirname, 'index.win32-ia32-msvc.node')
+        )
+        try {
+          if (localFileExisted) {
+            nativeBinding = require('./index.win32-ia32-msvc.node')
+          } else {
+            nativeBinding = require('@deepstrike/core-win32-ia32-msvc')
+          }
+        } catch (e) {
+          loadError = e
+        }
+        break
+      case 'arm64':
+        localFileExisted = existsSync(
+          join(__dirname, 'index.win32-arm64-msvc.node')
+        )
+        try {
+          if (localFileExisted) {
+            nativeBinding = require('./index.win32-arm64-msvc.node')
+          } else {
+            nativeBinding = require('@deepstrike/core-win32-arm64-msvc')
+          }
+        } catch (e) {
+          loadError = e
+        }
+        break
+      default:
+        throw new Error(`Unsupported architecture on Windows: ${arch}`)
     }
     break
   case 'darwin':
-    localFileExisted = existsSync(join(__dirname, 'deepstrike-core.darwin-universal.node'))
+    localFileExisted = existsSync(join(__dirname, 'index.darwin-universal.node'))
     try {
-      if (localFileExisted) { nativeBinding = require('./deepstrike-core.darwin-universal.node'); break }
+      if (localFileExisted) {
+        nativeBinding = require('./index.darwin-universal.node')
+      } else {
+        nativeBinding = require('@deepstrike/core-darwin-universal')
+      }
+      break
     } catch {}
     switch (arch) {
-      case 'x64': nativeBinding = require('@deepstrike/core-darwin-x64'); break
-      case 'arm64': nativeBinding = require('@deepstrike/core-darwin-arm64'); break
-      default: throw new Error(`Unsupported architecture on macOS: ${arch}`)
+      case 'x64':
+        localFileExisted = existsSync(join(__dirname, 'index.darwin-x64.node'))
+        try {
+          if (localFileExisted) {
+            nativeBinding = require('./index.darwin-x64.node')
+          } else {
+            nativeBinding = require('@deepstrike/core-darwin-x64')
+          }
+        } catch (e) {
+          loadError = e
+        }
+        break
+      case 'arm64':
+        localFileExisted = existsSync(
+          join(__dirname, 'index.darwin-arm64.node')
+        )
+        try {
+          if (localFileExisted) {
+            nativeBinding = require('./index.darwin-arm64.node')
+          } else {
+            nativeBinding = require('@deepstrike/core-darwin-arm64')
+          }
+        } catch (e) {
+          loadError = e
+        }
+        break
+      default:
+        throw new Error(`Unsupported architecture on macOS: ${arch}`)
     }
     break
   case 'freebsd':
-    if (arch !== 'x64') throw new Error(`Unsupported architecture on FreeBSD: ${arch}`)
-    nativeBinding = require('@deepstrike/core-freebsd-x64')
+    if (arch !== 'x64') {
+      throw new Error(`Unsupported architecture on FreeBSD: ${arch}`)
+    }
+    localFileExisted = existsSync(join(__dirname, 'index.freebsd-x64.node'))
+    try {
+      if (localFileExisted) {
+        nativeBinding = require('./index.freebsd-x64.node')
+      } else {
+        nativeBinding = require('@deepstrike/core-freebsd-x64')
+      }
+    } catch (e) {
+      loadError = e
+    }
     break
   case 'linux':
     switch (arch) {
       case 'x64':
-        nativeBinding = isMusl()
-          ? require('@deepstrike/core-linux-x64-musl')
-          : require('@deepstrike/core-linux-x64-gnu')
+        if (isMusl()) {
+          localFileExisted = existsSync(
+            join(__dirname, 'index.linux-x64-musl.node')
+          )
+          try {
+            if (localFileExisted) {
+              nativeBinding = require('./index.linux-x64-musl.node')
+            } else {
+              nativeBinding = require('@deepstrike/core-linux-x64-musl')
+            }
+          } catch (e) {
+            loadError = e
+          }
+        } else {
+          localFileExisted = existsSync(
+            join(__dirname, 'index.linux-x64-gnu.node')
+          )
+          try {
+            if (localFileExisted) {
+              nativeBinding = require('./index.linux-x64-gnu.node')
+            } else {
+              nativeBinding = require('@deepstrike/core-linux-x64-gnu')
+            }
+          } catch (e) {
+            loadError = e
+          }
+        }
         break
       case 'arm64':
-        nativeBinding = isMusl()
-          ? require('@deepstrike/core-linux-arm64-musl')
-          : require('@deepstrike/core-linux-arm64-gnu')
+        if (isMusl()) {
+          localFileExisted = existsSync(
+            join(__dirname, 'index.linux-arm64-musl.node')
+          )
+          try {
+            if (localFileExisted) {
+              nativeBinding = require('./index.linux-arm64-musl.node')
+            } else {
+              nativeBinding = require('@deepstrike/core-linux-arm64-musl')
+            }
+          } catch (e) {
+            loadError = e
+          }
+        } else {
+          localFileExisted = existsSync(
+            join(__dirname, 'index.linux-arm64-gnu.node')
+          )
+          try {
+            if (localFileExisted) {
+              nativeBinding = require('./index.linux-arm64-gnu.node')
+            } else {
+              nativeBinding = require('@deepstrike/core-linux-arm64-gnu')
+            }
+          } catch (e) {
+            loadError = e
+          }
+        }
         break
       case 'arm':
-        nativeBinding = require('@deepstrike/core-linux-arm-gnueabihf')
+        if (isMusl()) {
+          localFileExisted = existsSync(
+            join(__dirname, 'index.linux-arm-musleabihf.node')
+          )
+          try {
+            if (localFileExisted) {
+              nativeBinding = require('./index.linux-arm-musleabihf.node')
+            } else {
+              nativeBinding = require('@deepstrike/core-linux-arm-musleabihf')
+            }
+          } catch (e) {
+            loadError = e
+          }
+        } else {
+          localFileExisted = existsSync(
+            join(__dirname, 'index.linux-arm-gnueabihf.node')
+          )
+          try {
+            if (localFileExisted) {
+              nativeBinding = require('./index.linux-arm-gnueabihf.node')
+            } else {
+              nativeBinding = require('@deepstrike/core-linux-arm-gnueabihf')
+            }
+          } catch (e) {
+            loadError = e
+          }
+        }
+        break
+      case 'riscv64':
+        if (isMusl()) {
+          localFileExisted = existsSync(
+            join(__dirname, 'index.linux-riscv64-musl.node')
+          )
+          try {
+            if (localFileExisted) {
+              nativeBinding = require('./index.linux-riscv64-musl.node')
+            } else {
+              nativeBinding = require('@deepstrike/core-linux-riscv64-musl')
+            }
+          } catch (e) {
+            loadError = e
+          }
+        } else {
+          localFileExisted = existsSync(
+            join(__dirname, 'index.linux-riscv64-gnu.node')
+          )
+          try {
+            if (localFileExisted) {
+              nativeBinding = require('./index.linux-riscv64-gnu.node')
+            } else {
+              nativeBinding = require('@deepstrike/core-linux-riscv64-gnu')
+            }
+          } catch (e) {
+            loadError = e
+          }
+        }
+        break
+      case 's390x':
+        localFileExisted = existsSync(
+          join(__dirname, 'index.linux-s390x-gnu.node')
+        )
+        try {
+          if (localFileExisted) {
+            nativeBinding = require('./index.linux-s390x-gnu.node')
+          } else {
+            nativeBinding = require('@deepstrike/core-linux-s390x-gnu')
+          }
+        } catch (e) {
+          loadError = e
+        }
         break
       default:
         throw new Error(`Unsupported architecture on Linux: ${arch}`)
@@ -69,4 +303,18 @@ switch (platform) {
     throw new Error(`Unsupported OS: ${platform}, architecture: ${arch}`)
 }
 
-module.exports = nativeBinding
+if (!nativeBinding) {
+  if (loadError) {
+    throw loadError
+  }
+  throw new Error(`Failed to load native binding`)
+}
+
+const { ContextEngine, LoopStateMachine, SignalRouter, Governance, EvalPipeline, IdlePipeline } = nativeBinding
+
+module.exports.ContextEngine = ContextEngine
+module.exports.LoopStateMachine = LoopStateMachine
+module.exports.SignalRouter = SignalRouter
+module.exports.Governance = Governance
+module.exports.EvalPipeline = EvalPipeline
+module.exports.IdlePipeline = IdlePipeline

package/npm/darwin-arm64/README.md

@@ -1,3 +1,22 @@
 # `@deepstrike/core-darwin-arm64`
 
-This is the **aarch64-apple-darwin** binary for `@deepstrike/core`
+Platform-specific native addon for [`@deepstrike/core`](https://www.npmjs.com/package/@deepstrike/core).
+
+- **Platform:** macOS ARM64 (Apple Silicon)
+- **Target triple:** `aarch64-apple-darwin`
+
+## Do not install directly
+
+This package is an internal binary dependency. Install [`@deepstrike/sdk`](https://www.npmjs.com/package/@deepstrike/sdk) instead — the correct platform package is selected and installed automatically via `optionalDependencies`.
+
+```bash
+npm install @deepstrike/sdk
+```
+
+## How it works
+
+`@deepstrike/core` loads this package at runtime when running on macOS with Apple Silicon. The `.node` file is a compiled Rust extension built with [napi-rs](https://napi.rs) that exposes the DeepStrike kernel (loop control, context compression, governance, signal routing) to Node.js.
+
+## License
+
+Apache-2.0 OR MIT

package/npm/darwin-arm64/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@deepstrike/core-darwin-arm64",
-  "version": "0.1.1",
+  "version": "0.1.4",
   "cpu": [
     "arm64"
   ],

package/npm/darwin-x64/README.md

@@ -1,3 +1,22 @@
 # `@deepstrike/core-darwin-x64`
 
-This is the **x86_64-apple-darwin** binary for `@deepstrike/core`
+Platform-specific native addon for [`@deepstrike/core`](https://www.npmjs.com/package/@deepstrike/core).
+
+- **Platform:** macOS x64 (Intel)
+- **Target triple:** `x86_64-apple-darwin`
+
+## Do not install directly
+
+This package is an internal binary dependency. Install [`@deepstrike/sdk`](https://www.npmjs.com/package/@deepstrike/sdk) instead — the correct platform package is selected and installed automatically via `optionalDependencies`.
+
+```bash
+npm install @deepstrike/sdk
+```
+
+## How it works
+
+`@deepstrike/core` loads this package at runtime when running on macOS with an Intel processor. The `.node` file is a compiled Rust extension built with [napi-rs](https://napi.rs) that exposes the DeepStrike kernel (loop control, context compression, governance, signal routing) to Node.js.
+
+## License
+
+Apache-2.0 OR MIT

package/npm/darwin-x64/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@deepstrike/core-darwin-x64",
-  "version": "0.1.1",
+  "version": "0.1.4",
   "cpu": [
     "x64"
   ],

package/npm/linux-arm64-gnu/README.md

@@ -1,3 +1,22 @@
 # `@deepstrike/core-linux-arm64-gnu`
 
-This is the **aarch64-unknown-linux-gnu** binary for `@deepstrike/core`
+Platform-specific native addon for [`@deepstrike/core`](https://www.npmjs.com/package/@deepstrike/core).
+
+- **Platform:** Linux ARM64 (glibc)
+- **Target triple:** `aarch64-unknown-linux-gnu`
+
+## Do not install directly
+
+This package is an internal binary dependency. Install [`@deepstrike/sdk`](https://www.npmjs.com/package/@deepstrike/sdk) instead — the correct platform package is selected and installed automatically via `optionalDependencies`.
+
+```bash
+npm install @deepstrike/sdk
+```
+
+## How it works
+
+`@deepstrike/core` loads this package at runtime when running on Linux ARM64 with glibc (e.g. AWS Graviton, Raspberry Pi OS 64-bit). The `.node` file is a compiled Rust extension built with [napi-rs](https://napi.rs) that exposes the DeepStrike kernel (loop control, context compression, governance, signal routing) to Node.js.
+
+## License
+
+Apache-2.0 OR MIT

package/npm/linux-arm64-gnu/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@deepstrike/core-linux-arm64-gnu",
-  "version": "0.1.1",
+  "version": "0.1.4",
   "cpu": [
     "arm64"
   ],

package/npm/linux-arm64-musl/README.md

@@ -1,3 +1,22 @@
 # `@deepstrike/core-linux-arm64-musl`
 
-This is the **aarch64-unknown-linux-musl** binary for `@deepstrike/core`
+Platform-specific native addon for [`@deepstrike/core`](https://www.npmjs.com/package/@deepstrike/core).
+
+- **Platform:** Linux ARM64 (musl / Alpine)
+- **Target triple:** `aarch64-unknown-linux-musl`
+
+## Do not install directly
+
+This package is an internal binary dependency. Install [`@deepstrike/sdk`](https://www.npmjs.com/package/@deepstrike/sdk) instead — the correct platform package is selected and installed automatically via `optionalDependencies`.
+
+```bash
+npm install @deepstrike/sdk
+```
+
+## How it works
+
+`@deepstrike/core` loads this package at runtime when running on Linux ARM64 with musl libc (e.g. Alpine Linux on ARM). The `.node` file is a compiled Rust extension built with [napi-rs](https://napi.rs) that exposes the DeepStrike kernel (loop control, context compression, governance, signal routing) to Node.js.
+
+## License
+
+Apache-2.0 OR MIT

package/npm/linux-arm64-musl/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@deepstrike/core-linux-arm64-musl",
-  "version": "0.1.1",
+  "version": "0.1.4",
   "cpu": [
     "arm64"
   ],

package/npm/linux-x64-gnu/README.md

@@ -1,3 +1,22 @@
 # `@deepstrike/core-linux-x64-gnu`
 
-This is the **x86_64-unknown-linux-gnu** binary for `@deepstrike/core`
+Platform-specific native addon for [`@deepstrike/core`](https://www.npmjs.com/package/@deepstrike/core).
+
+- **Platform:** Linux x64 (glibc)
+- **Target triple:** `x86_64-unknown-linux-gnu`
+
+## Do not install directly
+
+This package is an internal binary dependency. Install [`@deepstrike/sdk`](https://www.npmjs.com/package/@deepstrike/sdk) instead — the correct platform package is selected and installed automatically via `optionalDependencies`.
+
+```bash
+npm install @deepstrike/sdk
+```
+
+## How it works
+
+`@deepstrike/core` loads this package at runtime when running on Linux x64 with glibc. The `.node` file is a compiled Rust extension built with [napi-rs](https://napi.rs) that exposes the DeepStrike kernel (loop control, context compression, governance, signal routing) to Node.js.
+
+## License
+
+Apache-2.0 OR MIT

package/npm/linux-x64-gnu/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@deepstrike/core-linux-x64-gnu",
-  "version": "0.1.1",
+  "version": "0.1.4",
   "cpu": [
     "x64"
   ],

package/npm/linux-x64-musl/README.md

@@ -1,3 +1,22 @@
 # `@deepstrike/core-linux-x64-musl`
 
-This is the **x86_64-unknown-linux-musl** binary for `@deepstrike/core`
+Platform-specific native addon for [`@deepstrike/core`](https://www.npmjs.com/package/@deepstrike/core).
+
+- **Platform:** Linux x64 (musl / Alpine)
+- **Target triple:** `x86_64-unknown-linux-musl`
+
+## Do not install directly
+
+This package is an internal binary dependency. Install [`@deepstrike/sdk`](https://www.npmjs.com/package/@deepstrike/sdk) instead — the correct platform package is selected and installed automatically via `optionalDependencies`.
+
+```bash
+npm install @deepstrike/sdk
+```
+
+## How it works
+
+`@deepstrike/core` loads this package at runtime when running on Linux x64 with musl libc (e.g. Alpine Linux, Docker scratch images). The `.node` file is a compiled Rust extension built with [napi-rs](https://napi.rs) that exposes the DeepStrike kernel (loop control, context compression, governance, signal routing) to Node.js.
+
+## License
+
+Apache-2.0 OR MIT

package/npm/linux-x64-musl/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@deepstrike/core-linux-x64-musl",
-  "version": "0.1.1",
+  "version": "0.1.4",
   "cpu": [
     "x64"
   ],

package/npm/win32-x64-msvc/README.md

@@ -1,3 +1,22 @@
 # `@deepstrike/core-win32-x64-msvc`
 
-This is the **x86_64-pc-windows-msvc** binary for `@deepstrike/core`
+Platform-specific native addon for [`@deepstrike/core`](https://www.npmjs.com/package/@deepstrike/core).
+
+- **Platform:** Windows x64 (MSVC)
+- **Target triple:** `x86_64-pc-windows-msvc`
+
+## Do not install directly
+
+This package is an internal binary dependency. Install [`@deepstrike/sdk`](https://www.npmjs.com/package/@deepstrike/sdk) instead — the correct platform package is selected and installed automatically via `optionalDependencies`.
+
+```bash
+npm install @deepstrike/sdk
+```
+
+## How it works
+
+`@deepstrike/core` loads this package at runtime when running on Windows x64. The `.node` file is a compiled Rust extension built with [napi-rs](https://napi.rs) that exposes the DeepStrike kernel (loop control, context compression, governance, signal routing) to Node.js.
+
+## License
+
+Apache-2.0 OR MIT

package/npm/win32-x64-msvc/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@deepstrike/core-win32-x64-msvc",
-  "version": "0.1.1",
+  "version": "0.1.4",
   "cpu": [
     "x64"
   ],

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@deepstrike/core",
-  "version": "0.1.1",
+  "version": "0.1.4",
   "description": "DeepStrike kernel — pre-built native addon",
   "main": "index.js",
   "types": "index.d.ts",
@@ -16,10 +16,10 @@
     ]
   },
   "optionalDependencies": {
-    "@deepstrike/core-linux-x64-gnu": "0.1.1",
-    "@deepstrike/core-linux-arm64-gnu": "0.1.1",
-    "@deepstrike/core-darwin-x64": "0.1.1",
-    "@deepstrike/core-darwin-arm64": "0.1.1",
-    "@deepstrike/core-win32-x64-msvc": "0.1.1"
+    "@deepstrike/core-linux-x64-gnu": "0.1.4",
+    "@deepstrike/core-linux-arm64-gnu": "0.1.4",
+    "@deepstrike/core-darwin-x64": "0.1.4",
+    "@deepstrike/core-darwin-arm64": "0.1.4",
+    "@deepstrike/core-win32-x64-msvc": "0.1.4"
   }
 }

package/src/lib.rs

@@ -43,10 +43,13 @@ use compact_str::CompactString;
 
 use deepstrike_core::context::manager::ContextManager;
 use deepstrike_core::context::pressure::PressureAction;
+use deepstrike_core::governance::permission::{PermissionAction, PermissionRule};
 use deepstrike_core::governance::pipeline::GovernancePipeline as RustGovernancePipeline;
+use deepstrike_core::types::agent::AgentIdentity;
+use deepstrike_core::types::policy::GovernanceVerdict as RustGovernanceVerdict;
 use deepstrike_core::harness::eval_pipeline::{
-    EvalAction as RustEvalAction, EvalEvent as RustEvalEvent, EvalPolicy as RustEvalPolicy,
-    EvalPipeline as RustEvalPipeline,
+    Criterion as RustCriterion, EvalAction as RustEvalAction, EvalEvent as RustEvalEvent,
+    EvalPolicy as RustEvalPolicy, EvalPipeline as RustEvalPipeline,
 };
 use deepstrike_core::memory::curator::CurationResult as RustCurationResult;
 use deepstrike_core::memory::durable::SessionData as RustSessionData;
@@ -76,11 +79,30 @@ use deepstrike_core::types::task::RuntimeTask as RustRuntimeTask;
 
 // ────────────────────────────────────── POD types (plain JS objects) ──────────────────────────────────────
 
+#[napi(object)]
+#[derive(Clone)]
+pub struct ContentPartObj {
+    /// `"text"` | `"image"` | `"audio"` | `"tool_result"`
+    pub r#type: String,
+    pub text: Option<String>,
+    pub url: Option<String>,
+    pub data: Option<String>,
+    pub media_type: Option<String>,
+    pub detail: Option<String>,
+    pub call_id: Option<String>,
+    pub output: Option<String>,
+    pub is_error: Option<bool>,
+}
+
 #[napi(object)]
 #[derive(Clone)]
 pub struct Message {
     pub role: String,
+    /// Plain-text content. When `content_parts` is present, this holds only the
+    /// concatenated text segments for backward compatibility.
     pub content: String,
+    /// Structured multimodal content parts. When present, takes precedence over `content`.
+    pub content_parts: Option<Vec<ContentPartObj>>,
     pub token_count: Option<u32>,
     pub tool_calls: Vec<ToolCall>,
 }
@@ -288,6 +310,51 @@ fn role_to_str(role: Role) -> &'static str {
     }
 }
 
+fn content_part_to_rust(p: ContentPartObj) -> ContentPart {
+    match p.r#type.as_str() {
+        "image" => ContentPart::Image {
+            url: p.url,
+            data: p.data,
+            media_type: p.media_type,
+            detail: p.detail,
+        },
+        "audio" => ContentPart::Audio {
+            data: p.data.unwrap_or_default(),
+            media_type: p.media_type.unwrap_or_else(|| "audio/wav".into()),
+        },
+        "tool_result" => ContentPart::ToolResult {
+            call_id: CompactString::new(&p.call_id.unwrap_or_default()),
+            output: p.output.unwrap_or_default(),
+            is_error: p.is_error.unwrap_or(false),
+        },
+        _ => ContentPart::Text { text: p.text.unwrap_or_default() },
+    }
+}
+
+fn content_part_from_rust(p: &ContentPart) -> ContentPartObj {
+    match p {
+        ContentPart::Text { text } => ContentPartObj {
+            r#type: "text".into(), text: Some(text.clone()),
+            url: None, data: None, media_type: None, detail: None,
+            call_id: None, output: None, is_error: None,
+        },
+        ContentPart::Image { url, data, media_type, detail } => ContentPartObj {
+            r#type: "image".into(), text: None,
+            url: url.clone(), data: data.clone(), media_type: media_type.clone(), detail: detail.clone(),
+            call_id: None, output: None, is_error: None,
+        },
+        ContentPart::Audio { data, media_type } => ContentPartObj {
+            r#type: "audio".into(), text: None, url: None,
+            data: Some(data.clone()), media_type: Some(media_type.clone()), detail: None,
+            call_id: None, output: None, is_error: None,
+        },
+        ContentPart::ToolResult { call_id, output, is_error } => ContentPartObj {
+            r#type: "tool_result".into(), text: None, url: None, data: None, media_type: None, detail: None,
+            call_id: Some(call_id.to_string()), output: Some(output.clone()), is_error: Some(*is_error),
+        },
+    }
+}
+
 fn message_to_rust(m: Message) -> Result<RustMessage> {
     let role = role_str_to_rust(&m.role)?;
     let tool_calls: Vec<RustToolCall> = m
@@ -295,32 +362,29 @@ fn message_to_rust(m: Message) -> Result<RustMessage> {
         .into_iter()
         .map(tool_call_to_rust)
         .collect::<Result<_>>()?;
-    Ok(RustMessage {
-        role,
-        content: Content::Text(m.content),
-        tool_calls,
-        token_count: m.token_count,
-    })
+    let content = match m.content_parts {
+        Some(parts) if !parts.is_empty() => Content::Parts(parts.into_iter().map(content_part_to_rust).collect()),
+        _ => Content::Text(m.content),
+    };
+    Ok(RustMessage { role, content, tool_calls, token_count: m.token_count })
 }
 
 fn message_from_rust(m: &RustMessage) -> Message {
-    let content = match &m.content {
-        Content::Text(s) => s.clone(),
-        Content::Parts(parts) => parts
-            .iter()
-            .map(|p| match p {
-                ContentPart::Text { text } => text.clone(),
-                ContentPart::Image { url } => format!("[image: {url}]"),
-                ContentPart::ToolResult { call_id, output, .. } => {
-                    format!("[tool_result {call_id}]: {output}")
-                }
-            })
-            .collect::<Vec<_>>()
-            .join("\n"),
+    let (content, content_parts) = match &m.content {
+        Content::Text(s) => (s.clone(), None),
+        Content::Parts(parts) => {
+            let text_only: String = parts.iter().filter_map(|p| match p {
+                ContentPart::Text { text } => Some(text.as_str()),
+                _ => None,
+            }).collect::<Vec<_>>().join("\n");
+            let objs: Vec<ContentPartObj> = parts.iter().map(content_part_from_rust).collect();
+            (text_only, Some(objs))
+        }
     };
     Message {
         role: role_to_str(m.role).to_string(),
         content,
+        content_parts,
         token_count: m.token_count,
         tool_calls: m.tool_calls.iter().map(tool_call_from_rust).collect(),
     }
@@ -577,6 +641,30 @@ impl LoopStateMachine {
         self.inner.ctx.set_knowledge_enabled(enabled);
     }
 
+    /// Prepend a system-level instruction to the context. Must be called before `start`.
+    /// `tokens` is a caller-supplied estimate (use `content.length / 4` if unsure).
+    /// The renderer skips messages with `tokens == 0`, so always pass at least 1.
+    #[napi]
+    pub fn add_system_message(&mut self, content: String, tokens: u32) {
+        self.inner
+            .ctx
+            .partitions
+            .system
+            .push(RustMessage::system(content), tokens.max(1));
+    }
+
+    /// Pre-populate the memory partition with a long-term memory snippet.
+    /// Must be called before `start`. Use for seeding known context from past sessions.
+    /// `tokens` is a caller-supplied estimate; pass at least 1.
+    #[napi]
+    pub fn add_memory_message(&mut self, content: String, tokens: u32) {
+        self.inner
+            .ctx
+            .partitions
+            .memory
+            .push(RustMessage::user(content), tokens.max(1));
+    }
+
     #[napi]
     pub fn set_tools(&mut self, tools: Vec<ToolSchema>) -> Result<()> {
         let rust_tools: Vec<RustToolSchema> = tools
@@ -683,27 +771,100 @@ impl SignalRouter {
 
 // ─────────────────────────────────────────── Governance ───────────────────────────────────────────
 
+/// JS-friendly governance verdict returned by `Governance.evaluate`.
+#[napi(object)]
+#[derive(Clone)]
+pub struct GovernanceVerdictObj {
+    /// `"allow"` | `"deny"` | `"rate_limited"` | `"ask_user"`
+    pub kind: String,
+    pub reason: Option<String>,
+    /// Milliseconds until the tool may be retried. Only set when `kind === "rate_limited"`.
+    pub retry_after_ms: Option<f64>,
+}
+
+fn verdict_to_js(v: RustGovernanceVerdict) -> GovernanceVerdictObj {
+    match v {
+        RustGovernanceVerdict::Allow => GovernanceVerdictObj { kind: "allow".into(), reason: None, retry_after_ms: None },
+        RustGovernanceVerdict::Deny { reason, .. } => GovernanceVerdictObj { kind: "deny".into(), reason: Some(reason), retry_after_ms: None },
+        RustGovernanceVerdict::RateLimited { retry_after_ms } => GovernanceVerdictObj { kind: "rate_limited".into(), reason: None, retry_after_ms: Some(retry_after_ms as f64) },
+        RustGovernanceVerdict::AskUser { reason } => GovernanceVerdictObj { kind: "ask_user".into(), reason: Some(reason), retry_after_ms: None },
+    }
+}
+
 #[napi]
 pub struct Governance {
     inner: RustGovernancePipeline,
+    agent_id: String,
+    session_id: String,
 }
 
 #[napi]
 impl Governance {
+    /// Create a governance pipeline.
+    /// `defaultAction` controls the fallback when no rule matches: `"allow"` (default) or `"deny"`.
     #[napi(constructor)]
-    pub fn new() -> Self {
-        Self { inner: RustGovernancePipeline::default() }
+    pub fn new(default_action: Option<String>) -> Self {
+        let action = match default_action.as_deref() {
+            Some("deny") => PermissionAction::Deny,
+            Some("ask_user") => PermissionAction::AskUser,
+            _ => PermissionAction::Allow,
+        };
+        Self {
+            inner: RustGovernancePipeline::new(action),
+            agent_id: "anonymous".into(),
+            session_id: "".into(),
+        }
+    }
+
+    /// Set the agent identity used in governance audit logs.
+    #[napi]
+    pub fn set_identity(&mut self, agent_id: String, session_id: String) {
+        self.agent_id = agent_id;
+        self.session_id = session_id;
     }
 
+    /// Add a permission rule. `pattern` supports globs: `"db.*"`, `"*.delete"`, `"*"`, or exact names.
+    /// `action`: `"allow"` | `"deny"` | `"ask_user"`.
+    /// Rules are evaluated in insertion order; first match wins.
+    #[napi]
+    pub fn add_permission_rule(&mut self, pattern: String, action: String) {
+        let perm_action = match action.as_str() {
+            "deny" => PermissionAction::Deny,
+            "ask_user" => PermissionAction::AskUser,
+            _ => PermissionAction::Allow,
+        };
+        self.inner.permission.add_rule(PermissionRule {
+            tool_pattern: pattern.into(),
+            action: perm_action,
+        });
+    }
+
+    /// Hard-block a tool name (veto stage — cannot be overridden by permission rules).
     #[napi]
     pub fn block_tool(&mut self, name: String) {
         self.inner.veto.block_tool(name);
     }
 
+    /// Advance the internal clock used by rate limiting and audit.
     #[napi]
     pub fn set_time(&mut self, now_ms: BigInt) {
         self.inner.set_time(now_ms.get_u64().1);
     }
+
+    /// Evaluate a tool call through the full pipeline (Permission → Veto → RateLimit → Constraint → Audit).
+    /// `argsJson`: JSON-encoded tool arguments string.
+    #[napi]
+    pub fn evaluate(&mut self, tool_name: String, args_json: String) -> Result<GovernanceVerdictObj> {
+        let args: serde_json::Value = serde_json::from_str(&args_json)
+            .unwrap_or(serde_json::Value::Null);
+        let call = RustToolCall {
+            id: compact_str::CompactString::new(""),
+            name: compact_str::CompactString::new(&tool_name),
+            arguments: args,
+        };
+        let caller = AgentIdentity::new(self.agent_id.as_str(), self.session_id.as_str());
+        Ok(verdict_to_js(self.inner.evaluate(&call, &caller)))
+    }
 }
 
 // ──────────────────────────────── Dream / idle-pipeline POD types ────────────────────────────────
@@ -856,6 +1017,23 @@ fn idle_pipeline_action_from_rust(a: RustIdleAction) -> IdlePipelineAction {
 
 // ─────────────────────────────────────────── EvalPipeline ────────────────────────────────────────
 
+#[napi(object)]
+#[derive(Clone)]
+pub struct Criterion {
+    pub text: String,
+    pub required: bool,
+    pub weight: Option<f64>,
+}
+
+#[napi(object)]
+#[derive(Clone)]
+pub struct CriterionResult {
+    pub criterion: String,
+    pub passed: bool,
+    pub score: f64,
+    pub feedback: String,
+}
+
 #[napi(object)]
 #[derive(Clone)]
 pub struct EvalPipelineOptions {
@@ -873,14 +1051,16 @@ pub struct SkillCandidate {
 
 /// Discriminated union returned by `EvalPipeline` methods. Inspect `kind`:
 /// - `"evaluate"` → `messages` (SDK must call evaluator LLM, then `feedEvalResult`)
-/// - `"done"`     → `result` with `passed`, `feedback`, optional `skillCandidate`
+/// - `"done"`     → `passed`, `overallScore`, `feedback`, `details`, optional `skillCandidate`
 #[napi(object)]
 #[derive(Clone)]
 pub struct EvalPipelineAction {
     pub kind: String,
     pub messages: Option<Vec<Message>>,
     pub passed: Option<bool>,
+    pub overall_score: Option<f64>,
     pub feedback: Option<String>,
+    pub details: Option<Vec<CriterionResult>>,
     pub skill_candidate: Option<SkillCandidate>,
 }
 
@@ -915,16 +1095,23 @@ impl EvalPipeline {
     pub fn feed_outcome(
         &mut self,
         goal: String,
-        criteria: Vec<String>,
+        criteria: Vec<Criterion>,
         result: String,
         attempt: u32,
     ) -> EvalPipelineAction {
-        match self.inner.feed(RustEvalEvent::Outcome { goal, criteria, result, attempt }) {
+        let rust_criteria = criteria.into_iter().map(|c| RustCriterion {
+            text: c.text,
+            required: c.required,
+            weight: c.weight.map(|w| w as f32).unwrap_or(1.0),
+        }).collect();
+        match self.inner.feed(RustEvalEvent::Outcome { goal, criteria: rust_criteria, result, attempt }) {
             RustEvalAction::Evaluate { messages } => EvalPipelineAction {
                 kind: "evaluate".into(),
                 messages: Some(messages.iter().map(message_from_rust).collect()),
                 passed: None,
+                overall_score: None,
                 feedback: None,
+                details: None,
                 skill_candidate: None,
             },
             RustEvalAction::Done { result } => eval_done_action(result),
@@ -940,7 +1127,9 @@ impl EvalPipeline {
                 kind: "evaluate".into(),
                 messages: Some(messages.iter().map(message_from_rust).collect()),
                 passed: None,
+                overall_score: None,
                 feedback: None,
+                details: None,
                 skill_candidate: None,
             },
         }
@@ -962,7 +1151,14 @@ fn eval_done_action(result: deepstrike_core::harness::eval_pipeline::EvalResult)
         kind: "done".into(),
         messages: None,
         passed: Some(result.passed),
+        overall_score: Some(result.overall_score as f64),
         feedback: Some(result.feedback),
+        details: Some(result.details.into_iter().map(|d| CriterionResult {
+            criterion: d.criterion,
+            passed: d.passed,
+            score: d.score as f64,
+            feedback: d.feedback,
+        }).collect()),
         skill_candidate: result.skill_candidate.map(|s| SkillCandidate {
             name: s.name,
             description: s.description,